The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards

Agentic AI is moving from experimental demos to everyday commerce, where software assistants can place orders, manage subscriptions, or even negotiate prices on a user’s behalf. This shift introduces a novel attack surface: malicious actors could hijack an autonomous agent to drain accounts or make unauthorized purchases. Traditional password‑based security models were never designed for machines acting as proxies, prompting industry leaders to rethink authentication from the ground up. By framing AI agents as distinct principals, the emerging standards aim to embed trust directly into the transaction flow, rather than retrofitting legacy controls.

The FIDO Alliance’s working groups are leveraging two open‑source tools to jump‑start the standards effort. Google’s Agent Payments Protocol (AP2) creates a cryptographic receipt that confirms a user’s intent without exposing sensitive details, while Mastercard’s Verifiable Intent framework adds selective disclosure so only the necessary parties see transaction data. Together they form a layered approach: a user authorizes an action, the agent presents a signed proof, and the merchant validates it against a shared trust anchor. This model not only thwarts phishing and credential stuffing but also provides a clear audit trail for dispute resolution.

Accelerating the standards timeline is critical as AI‑driven commerce scales. Faster adoption reduces the window for exploitation and builds consumer confidence, which is essential for broader AI integration across retail, travel, and financial services. Moreover, a unified protocol lowers implementation costs for startups and legacy firms alike, fostering interoperability across platforms. As the ecosystem coalesces around these safeguards, we can expect a surge in innovative agentic services—ranging from automated inventory hunting to real‑time price negotiation—underpinned by a secure, privacy‑preserving foundation.